Foxit Patches Flaw in PDF Reader. Patch now



If you use Foxit Software's PDF reader instead of Adobe Reader, make sure to download the latest update, which closed a serious remote code execution vulnerability.

Foxit released Reader 5.4.5 to fix the boundary error in the company's PDF plug-in for Firefox on Jan. 17. The flaw turns out to not be in the actual plugin itself, but rather in the library file which allows Foxit to communicate with Firefox. While Foxit released a fixed DLL file on Jan. 11, users are encouraged to download the full update.

Foxit's Reader is popularly considered the secure alternative to Adobe Reader. The site was unavailable earlier today, but appears to be back now. It's not clear at the moment what may have disrupted the service.

"Update as soon as you can," said Graham Cluley, senior technology consultant at Sophos.

Users can manually update to the latest version of the software by checking for updates in the program’s "Help" menu, or getting the latest software from the "Download" section of the Foxit website.

Italian security researcher Andrew Micalizzi found the remote code execution flaw in the Foxit Reader plug-in for Mozilla's Firefox earlier this month. If exploited successfully, the vulnerability would allow the attacker to write to any memory location on the targeted host and cause a stack-based buffer overflow. The bug currently affects Mozilla's Web browser; other platforms may not be affected.

Vulnerability firm Secunia has classified the bug as “high critical,” as it affected all versions of Foxit.

Attackers frequently send booby-trapped PDF files to victims as part of phishing and other malware attacks. Opening the file triggers the attack code exploiting the vulnerability.

"The malicious attackers like it when the whole world is using the same software, as it increases their chances of a successful attack," Cluley said.

Many people use alternative PDF software because the attack may exploit a vulnerability in Adobe Reader which may not be present in Foxit, Cluley said.

Chrome users can decide to use the integrated PDF reader, which is built on Foxit's SDK and wrapped up in the browser's sandbox, instead of Adobe Reader. Mozilla is considering adding an integrated PDF reader to its core code instead of relying on plug-ins, according to a recent blog post.

"For a number of years there have been several plugins for viewing PDFs within Firefox. Many of those plugins come with proprietary closed source code that could potentially expose users to security vulnerabilities," Mozilla wrote on its blog.

The integrated reader, built with HTML 5, is available in Mozilla's beta offering.

Fahmida Y. Rashid is a senior analyst for business at PCMag.com. She focuses on ways businesses can use technology to work efficiently and easily. She is paranoid about security and privacy, and considers security implications when evaluating business technology. She has written for eWEEK, Dark Reading, and SecurityWeek covering security, core Internet infrastructure, and open source.